In a blue-green deployment strategy, there are always two instances of your application running in production. A reverse proxy is used to direct traffic to either the green or the blue version. You then deploy changes to your application by first updating the inactive version and then changing the load balancer config to redirect traffic to the updated instance.
In this video, I will show you how to set up a very simple version of such a blue-green deployment using just Apache, Docker and CentOS 8.
Zabbix is a great open source tool to monitor operating system and application metrics. You can install it on your web server and out of the box, it is able to show you fancy graphs for things like:
Disk space usage
Free swap space
In this guide, I will show you how to create a dashboard widget that displays the response time for a specific URL over time. You can use this to monitor your production website and make sure there are no performance issues. In the end, it will look like this:
Make sure that you copy the generated p12 file to the same folder where the Dockerfile is located because the “ADD” command expects a relative path as a first argument.
Adapting your application.properties
Either directly append these lines to your application.properties or add the corresponding keys as environment variables as described in this article (the keys need to be transformed to underscore-separated capitalised letters – e.g., SERVER_SSL_KEYSTORE="..."):
You need to renew your Let’s Encrypt certificate regularly. Use the certbot tool with the following parameters:
certbot-auto certonly -a standalone -d subdomain.example.org
and copy the resulting certificate to the same location used before. Then restart your Docker container and you are done – your certificate has been renewed.
Also make sure your port 80 is still free – if you have an application running on that port, stop it for a few seconds (you can restart it immediately after the invocation of certbot-auto) – otherwise the renewal process might fail.
You can verify whether the certificate works by running your application and targeting your browser to its URL with the https:// prefix – you should see the following HTTPS information:
This is going to be a short one. You may be experiencing troubles when installing Kali Linux via an USB flash drive:
You may be inclined to waste a few hours following one of the countless articles suggesting to manually open a shell, change the way your USB stick is mounted and try to fix the issue that way.
However, chances are there is a simpler solution in case you are using the popular “LiLi USB Creator” tool on Windows for preparing your flash drives. This solution is: forget LiLi USB Creator and use Win32 Disk Imager instead. Everything will work fine, you can thank me later.
Imagine someone watching all your daily activities from hundreds of meters in the distance. While walls can protect you from spy glasses and interested neighbours looking out of their windows, they are no obstacle for electromagnetic radiation. WiFi networks in particular often build the backbone of our homes’ communication infrastructure: when you come home, your phone connects to your WiFi; when you turn on your video gaming console, it connects to your WiFi; when you leave, the WiFi connection to your phone is removed.
There are ways to measure such WiFi activities which require nothing but some cheap pieces of hardware, the right software tools and a little bit of network knowledge. In this post series, I want to investigate this topic, present state of the art tools and ways to set them up and give advice on what can be done to protect against the described invasions of your privacy.
Part 1 explains how to install Kismet – the swiss army knife for network monitoring.